CVE-2009-1958

CVE-2009-1958 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector.

Learn more about our Web Application Penetration Testing UK.